FreeBSD 11.3
Approved changes feed: RSS · Atom
cpe:2.3:o:freebsd:freebsd:11.3:*:*:*:*:*:*:*
part: o version: 11.3 update: *
| Vendor | Freebsd (1e86ea60-a74f-5f45-ac35-3eb819c9e064) |
|---|---|
| Product | Freebsd (be9b20ed-2a20-5a94-a224-b1a6fdcacb17) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/freebsd/freebsd-src |
purl2cpe | 2026-06-01 10:12:45.165193 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2019-5612 |
vulnerable | 2026-06-08 05:14:07.842840 |
Details available
In FreeBSD 12.0-STABLE before r351264, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r351265, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, the kernel driver for /dev/midistat implements a read handler that is not thread-safe. A multi-threaded program can exploit races in the handler to copy out kernel memory outside the boundaries of midistat's data buffer.
Published: 2019-08-29T22:31:46.000Z
Updated: 2024-08-04T20:01:51.526Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-5611 |
vulnerable | 2026-06-08 05:14:07.841190 |
Details available
In FreeBSD 12.0-STABLE before r350828, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r350829, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, a missing check in the function to arrange data in a chain of mbufs could cause data returned not to be contiguous. Extra checks in the IPv6 stack could catch the error condition and trigger a kernel panic, leading to a remote denial of service.
Published: 2019-08-29T21:37:31.000Z
Updated: 2024-08-04T20:01:51.948Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-5610 |
vulnerable | 2026-06-08 05:14:07.839518 |
Details available
In FreeBSD 12.0-STABLE before r350637, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350638, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the bsnmp library is not properly validating the submitted length from a type-length-value encoding. A remote user could cause an out-of-bounds read or trigger a crash of the software such as bsnmpd resulting in a denial of service.
Published: 2019-08-29T21:37:28.000Z
Updated: 2024-08-04T20:01:51.676Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-5609 |
vulnerable | 2026-06-08 05:14:07.835117 |
Details available
In FreeBSD 12.0-STABLE before r350619, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350619, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the bhyve e1000 device emulation used a guest-provided value to determine the size of the on-stack buffer without validation when TCP segmentation offload is requested for a transmitted packet. A misbehaving bhyve guest could overwrite memory in the bhyve process on the host.
Published: 2019-08-29T21:54:42.000Z
Updated: 2024-08-04T20:01:51.639Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-5608 |
vulnerable | 2026-06-08 05:14:07.829615 |
Details available
In FreeBSD 12.0-STABLE before r350648, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350650, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the ICMPv6 input path incorrectly handles cases where an MLDv2 listener query packet is internally fragmented across multiple mbufs. A remote attacker may be able to cause an out-of-bounds read or write that may cause the kernel to attempt to access an unmapped page and subsequently panic.
Published: 2019-08-29T21:54:22.000Z
Updated: 2024-08-04T20:01:51.831Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.